diff options
author | tron <tron> | 2008-08-30 08:12:45 +0000 |
---|---|---|
committer | tron <tron> | 2008-08-30 08:12:45 +0000 |
commit | b662e9bf0c937938841a8b7c93c0c9edcb5c2a37 (patch) | |
tree | d87dd1de7a7d33ca316c2a964321a2346c2f33e0 /graphics/tiff/patches | |
parent | ccee5855bc948ae4a8bcd20a97c39d07b9a955d0 (diff) | |
download | pkgsrc-b662e9bf0c937938841a8b7c93c0c9edcb5c2a37.tar.gz |
Apply Debian's fix for the security vulnerability reported in
CVE-2008-2327. Bump package revision.
Diffstat (limited to 'graphics/tiff/patches')
-rw-r--r-- | graphics/tiff/patches/patch-ac | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/graphics/tiff/patches/patch-ac b/graphics/tiff/patches/patch-ac new file mode 100644 index 00000000000..56038e96193 --- /dev/null +++ b/graphics/tiff/patches/patch-ac @@ -0,0 +1,60 @@ +$NetBSD: patch-ac,v 1.19 2008/08/30 08:12:45 tron Exp $ + +--- libtiff/tif_lzw.c.orig 2006-03-21 16:42:50.000000000 +0000 ++++ libtiff/tif_lzw.c 2008-08-30 09:03:37.000000000 +0100 +@@ -237,6 +237,13 @@ + sp->dec_codetab[code].length = 1; + sp->dec_codetab[code].next = NULL; + } while (code--); ++ /* ++ * Zero-out the unused entries ++ */ ++ _TIFFmemset(&sp->dec_codetab[CODE_CLEAR], 0, ++ (CODE_FIRST-CODE_CLEAR)*sizeof (code_t)); ++ ++ + } + return (1); + } +@@ -408,12 +415,20 @@ + break; + if (code == CODE_CLEAR) { + free_entp = sp->dec_codetab + CODE_FIRST; ++ _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t)); + nbits = BITS_MIN; + nbitsmask = MAXCODE(BITS_MIN); + maxcodep = sp->dec_codetab + nbitsmask-1; + NextCode(tif, sp, bp, code, GetNextCode); + if (code == CODE_EOI) + break; ++ if (code == CODE_CLEAR) { ++ TIFFErrorExt(tif->tif_clientdata, tif->tif_name, ++ "LZWDecode: Corrupted LZW table at scanline %d", ++ tif->tif_row); ++ return (0); ++ } ++ + *op++ = (char)code, occ--; + oldcodep = sp->dec_codetab + code; + continue; +@@ -604,12 +619,20 @@ + break; + if (code == CODE_CLEAR) { + free_entp = sp->dec_codetab + CODE_FIRST; ++ _TIFFmemset(free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t)); + nbits = BITS_MIN; + nbitsmask = MAXCODE(BITS_MIN); + maxcodep = sp->dec_codetab + nbitsmask; + NextCode(tif, sp, bp, code, GetNextCodeCompat); + if (code == CODE_EOI) + break; ++ if (code == CODE_CLEAR) { ++ TIFFErrorExt(tif->tif_clientdata, tif->tif_name, ++ "LZWDecode: Corrupted LZW table at scanline %d", ++ tif->tif_row); ++ return (0); ++ } ++ + *op++ = code, occ--; + oldcodep = sp->dec_codetab + code; + continue; |